gnutls-cli

Connect to TLS server

$ gnutls-cli [example.com]

$ gnutls-cli -p [443] [example.com]

$ gnutls-cli --print-cert [example.com]

$ gnutls-cli --priority="NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" [example.com]

$ gnutls-cli --starttls-proto=[smtp] [mail.example.com]:587

$ gnutls-cli --tofu [example.com] < /dev/null

gnutls-cli [options] hostname

gnutls-cli is a TLS/SSL client for testing and debugging secure connections. It connects to servers, displays certificate information, and allows testing of various TLS configurations.
The tool helps diagnose certificate issues, protocol support, and cipher suite negotiation. It can also serve as a simple secure client for interactive protocols.

-p port

Connect to port.

Print server certificate.

Use STARTTLS (smtp, pop3, imap, ftp, xmpp, ldap).

Priority string for cipher selection.

Verbose output.

Trust on first use.

Don't verify certificate.

CA certificate file.

Benchmark cipher performance.

List supported algorithms.

Certificate verification requires proper CA setup. Priority string syntax complex. Some servers may behave differently with test clients.

gnutls-cli is part of GnuTLS, developed by Nikos Mavrogiannopoulos and others starting in 2000. GnuTLS provides an alternative to OpenSSL under the LGPL license, and gnutls-cli serves as its diagnostic and testing tool.

openssl(1), curl(1), certtool(1), nmap(1)